EUVD-2025-209021
GHSA-436f-fmh9-32gq
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
4DescriptionNVD
IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.3 IBM WebSphere Application Server Liberty could provide weaker than expected security when administering security settings.
AnalysisAI
IBM WebSphere Application Server Liberty versions 17.0.0.3 through 26.0.0.3 contain a vulnerability in security settings administration that could allow authenticated attackers with high privileges to bypass expected security controls and gain unauthorized access to sensitive information. The vulnerability affects a critical administrative interface and, while it requires local access and high privileges to exploit, could enable lateral privilege escalation or information disclosure within enterprise environments. No evidence of active exploitation or public proof-of-concept has been reported, but a vendor patch is available.
Technical ContextAI
This vulnerability relates to CWE-1393 (Weak Security Settings Administration), which describes improper enforcement of security policies during configuration and administration of security parameters. IBM WebSphere Application Server Liberty (confirmed via CPE cpe:2.3:a:ibm:websphere_application_server_-_liberty) is a lightweight application server framework used to deploy Java-based enterprise applications. The affected versions (17.0.0.3 through 26.0.0.3) span a significant release history, suggesting the vulnerability is rooted in how the administrative console or configuration framework validates and applies security-related settings. The weakness likely exists in the security realm configuration, user role mapping, or permission enforcement logic that governs who can access what resources within the application server.
RemediationAI
Apply the security patch provided by IBM at https://www.ibm.com/support/pages/node/7267362, which addresses the vulnerability in all affected versions. Upgrade to a patched release within the 17.x, 18.x through 26.x lines (exact patch versions are available in the IBM advisory). Until patching is completed, enforce the principle of least privilege by restricting administrative console access to a minimal set of trusted administrators, disable non-essential administrative features if available, and ensure all administrative access is logged and monitored. Consider implementing network-level access controls to limit who can reach the WebSphere Liberty administrative interfaces (port 9080 or 9443 by default). Test patches in a staging environment before production deployment to ensure compatibility with existing security configurations.
More from same product – last 7 days
Remote code execution in IBM Langflow OSS versions 1.0.0 through 1.9.1 lets unauthenticated network attackers run arbitr
Remote code execution and authentication bypass are possible in IBM Aspera High-Speed Transfer Server and High-Speed Tra
Authentication bypass in IBM Aspera High-Speed Transfer Server for Cloud Pak for Integration (CP4I) versions 1.5.1 throu
Hard-coded credentials in IBM Controller (versions 11.0.1, 11.1.0, 11.1.1, and 11.1.2) give attackers a static, embedded
Arbitrary code execution in IBM Aspera High-Speed Transfer Server and Endpoint (versions 3.7.4 through 4.4.7 Fix Pack 1)
Share
External POC / Exploit Code
Leaving vuln.today